BSD Commit Log Search

   sort.1 (style fix): avoid overly long input lines.

   PR standards/59647.

   We need Perl during the build too, now, running xshadertoy-compile.pl

   Updated security/py-fido2, misc/py-pbs-installer

   py-pbs-installer: updated to 2026.1.14

   2026.1.14
   Unknown changes

   py-fido2: updated to 2.1.0

   Version 2.1.0 (released 2026-01-14)
    ** CTAP 2.3 support:
     *** Add new GetInfo fields: enc_cred_store_state.
     *** Add support for pinComplexityPolicy extension.
     *** Add thirdPartyPayment bit to credman.
     *** Check support for config subcommands.
    ** WebAuthn:
     *** Allow UserEntity without 'name' field for improved spec compliance.
     *** Update MDS3 dataclasses with new fields.
    ** Fido2Client:
     *** Fallback to PIN after UV_BLOCKED error.
     *** Improve preflight handling when message exceeds maximum size.
    ** WindowsClient:
     *** Fix: Parse 'credentialProtectionPolicy' properly.
     *** Update win_api.py from latest webauthn.h.
     *** Add support for hmac-secret-mc extension.
     *** Add support for hints.

    [4 lines not shown]

   Updated www/py-jupyterlab, www/py-notebook

   py-notebook: updated to 7.5.2

   7.5.2

   Maintenance and upkeep improvements

   - Update to JupyterLab v4.5.2

   new unbound

   bump libunbound

   py-jupyterlab: updated to 4.5.2

   4.5.2

   Bugs fixed

   - Backport 18250: Make system clipboard opt-in
   - Fix empty math block throws codemirror's error
   - Fix cell footer width for smaller screens
   - Fix scrolling to anchor from ToC/links in Markdown and HTML with data attributes
   - Fix merge breaking rendering cell order in `defer` mode
   - Fix inverted Unicode surrogate checks

   Maintenance and upkeep improvements

   - Bump vega-selections from 5.6.0 to 5.6.3
   - Make the plugin registry slow activation test more robust
   - Bump jws from 3.2.2 to 3.2.3
   - Remove unused snapshot

    [6 lines not shown]

   merge changes between unbound 1.23.1 and 1.24.2

   Import unbound 1.24.2 (previous was 1.23.1)

   Unbound 1.24.2 Latest
   This security release has additional fixes for CVE-2025-11411.

   Promiscuous NS RRSets that complement DNS replies in the authority
   section can be used to trick resolvers to update their delegation
   information for the zone.

   The CVE is described here
   https://nlnetlabs.nl/downloads/unbound/CVE-2025-11411.txt

   Unbound 1.24.1 included a fix that scrubs unsolicited NS RRSets (and
   their respective address records) from replies mitigating the possible
   poison effect.

   Unbound 1.24.2 includes an additional fix that scrubs unsolicited NS
   RRSets (and their respective address records) from YXDOMAIN and
   non-referral nodata replies as well, mitigating the possible poison

    [240 lines not shown]

   We need bash at runtime.

   doc: Updated x11/xscreensaver to 6.14

   x11/xscreensaver -- update to v6.14

   Upstream lists all the cool new stuff at

   <https://www.jwz.org/blog/2026/01/xscreensaver-6-14/>

   Fix: avoid double free of hdrbuf pointer in tmux if imsg_add fails
   imsg_add already frees the hdrbuf pointer before returning -1.

   reviewed by christos@, to be sent upstream

   vax/liveimage: exclude man page sets etc. to fix live-image build

   Tested on open-simh:
   ---
   NetBSD 11.99.4 (GENERIC) #0: Fri Jan 16 03:16:14 JST 2026

   Welcome to NetBSD!

   This is a development snapshot of NetBSD for testing -- user beware!

   Bug reports: https://www.NetBSD.org/support/send-pr.html
   Donations to the NetBSD Foundation: https://www.NetBSD.org/donations/
   We recommend that you create a non-root account and use su(1) for root access.
   No entry for terminal type "unknown";
   using dumb terminal settings.
   # df
   Filesystem      1K-blocks         Used        Avail %Cap Mounted on
   /dev/ra0a          965166       904188        12720  99% /
   ptyfs                   1            1            0 100% /dev/pts

    [13 lines not shown]

telegram-desktop: Add reference to CVE-2021-47793

py-keras: Add reference to CVE-2026-0897

plantuml: Add reference to CVE-2026-0858

deno: Add reference to CVE-2026-2286[34]

   upgrade to ircii-20260115.

   major changes include:
   - fix ICB on newer linux systems
   - fix some memory leaks
   - make rand() default initialisation less obvious
   - new --with-default-ssl to configure
   - fix some issues in choosing the window a message belongs to
   - fix hang in /window create
   - fix problem in dcc_chatpeers_func() with no peers
   - updates for the manual

   mk: get rid of two more unconditional forks

   Assume that CVS users know about 'update -d' by now and do not have
   empty patches/ directories lying around. Worst case if they don't:
   they end up with an unnecessary 'patch' tool dependency, which is
   installed by default on NetBSD.

   Assume that LOCALPATCHES users do not have empty directories lying
   around.  Worst case: see above.

   Updated textproc/py-openapi-core, www/py-django-import-export

   py-django-import-export: updated to 4.4.0

   4.4.0 (2026-01-10)
   - Added CachedForeignKeyWidget

   py-openapi-core: updated to 0.22.0

   0.22.0

   Features

   Typed style deserializers (casting is part of style deserializing)
   Urlencoded deserializer schema matching type coercion

   Fixes

   BooleanCaster consistent boolean values fix
   Error with multiple schemas in urlencoded request body

   Backward incpomatibilities

   style_deserializers_factory and media_tyles_deserialization_factory defaults to None in configuration and protocols
   CastError inherits from DeserializeError
   StyleDeserializersFactory requires schema_caster_factory
   removed style_deserialization_factory and media_tyles_deserialization_factory objects

   dvipsk: follow redirect

   pcre++: update link

   This project is archived.

   pconsole: comment out dead site

   pcmanfm: switch to default sourceforge site, other site is dead